Computers control most of the modern tools and conveniences in the Starfinder universe, from simple door locks to advanced overminds controlling all incoming and outgoing traffic from a spacedock. Almost anything can be found hiding inside their mainframes, from the plans for wondrous new technological marvels to some of the darkest corporate secrets imaginable. That said, most computers consist of simple information and control systems. Gaining access to computers in order to reach their files and control modules is a common occurrence in the game—and even sometimes required. The following rules are designed to give GMs the tools necessary to design computer systems that are both interesting and challenging.
Each computer system is made up of various simple statistics that tell the GM how the computer functions, what it knows, what it controls, and what it can do to defend itself. This information is presented in the following terms.
The computer’s tier indicates its overall technological sophistication, from 1 to 10. A tier-1 computer might be something as simple as a common datapad, a door lock, or a lighting controller, whereas a tier-10 computer represents the systems managing the engine core of a space station or the mainframe of an Aspis Consortium intersystem office. Note that the workstation of a tier-10 computer mainframe might itself be only a tier-3 computer, but it cannot in any way access or control the full mainframe, even if hacked; it can interface with only the components to which it has been granted access. Thus, access to the mainframe itself and features it controls requires hacking its tier-10 defenses.
The tier of a computer determines its base price and the base DC to hack into its system using a Computers check. Both of these are modified by the modules and countermeasures installed on a system (see Modules and Countermeasures below). The base DC to hack a computer is equal to 13 + 4 per tier.
A computer’s control module is the input device and display designed to allow you to enter commands into and receive data from the computer. In the Pact Worlds, most user interfaces include a keyboard, view screen, microphone, and speakers, to allow typed, spoken, or gesture-based commands to be given to the computer and to deliver graphic or audio data from the computer. These kinds of user interfaces come free with any system, and a computer can have as many as ten user interfaces per point of bulk the computer has (though normally only public systems or computers used by large companies do this).
It is also possible for a user interface to exist only as a broadcast device (such as a comm unit), or even to have another smaller computer act as a user interface (using a control module). You can set a computer to use this kind of user interface for free when you buy it, though you must pay for the additional device separately, or you can install (or remove) user interfaces using the disable or manipulate module task of the Computers skill to alter a user interface. Such additional user interfaces do not count against the total modules a computer can have.
You can use a hacking kit to access a computer without using a user interface, but this requires you to have physical contact with the computer or to make contact through an infosphere or similar network that is linked to the computers.
Computers can be extremely small, but miniaturizing such units without sacrificing computational power or durability increases a computer’s price. At base, a computer has a bulk equal to its tier squared. Computers with light bulk or negligible bulk can be worn easily on the wrist or clipped to communications devices and used without having to hold them in a hand. Any computer with a bulk of 1 or more must be held or set on a sturdy surface to be used. Computers with a bulk of 25 or more are not designed for portability, and normally they are permanently mounted to furniture or a vehicle or starship. You can reduce the size of a computer with the miniaturization upgrade (see page 216).
Access and Authorization
Computers are designed for users to quickly and easily gain access to their files and functions. A computer may have unsecured access, which allows anyone able to interact with its user interface to perform basic functions. In such cases it usually has secured root access, so more crucial features remain available to only a select few. A computer can have unsecured root access, but this is normally only the case for a newly-purchased computer, and the first owner is expected to establish secure root access as soon as possible.
Access means you are able to use all the basic functions of the computer, which generally includes retrieval of any information not stored in a secure data module (see page 215), the ability to send and receive messages from other devices or systems connected to the computer (which may include access to a planetary infosphere), and control of any minor functions (such as door controls, entertainment systems, light switches, and other common household devices) controlled by the computer.
In most cases, it is obvious at a glance whether a computer’s user interface has unsecured access or whether it is necessary to attempt a Computers check to hack the system.
Root access is a more advanced form of access that allows you to use all of a computer’s functions and modules, bypass or set conditions for its countermeasures, and look at, copy, add to, and delete any of its secured data. With root access, you can also grant a specific individual with access the ability to use a specific module or countermeasure you control that would not normally be available to the base access level.
You can gain root access only when a computer is first purchased, when it is granted by another creature that already has root access, or when you make a successful Computers check to hack the system and beat the computer’s normal DC by 20 or more. Normally, root access applies to a computer as a whole, but modules behind a firewall can have their own separate root access permissions.
Most systems attempt to balance access and security with a two-step verification process to confirm authorized access, entailing both a physical security key (which might be nearly any tangible object, such as a keycard, palm print, or even another computer) and a password (often a fairly long string of characters entered through a keyboard, but also potentially a voiceprint or song, a telepathic command, or a riddle easily understood if you know the context).
Characters who are authorized, have the security object, and know the password can access a computer and use it for its intended purpose without needing to hack into it. Both a security key and a password can limit a character’s access to only some modules or tiers of a computer and don’t allow the user to access other functions. If you attempt to hack a computer, you gain a significant advantage if you acquire its security key or password, each giving you a +5 bonus to Computers checks to hack. However, the access granted by such security measures can easily be revoked by someone who already has access to the computer if that individual knows you have somehow obtained a security key or learned a password. Similarly, if you use either a security key or password to gain a bonus to a Computers check and then fail that check by 5 or more, the system automatically locks access against further attempts from the specific security credential used, which no longer grants its bonus to future checks.
Computers are good at storing data, making calculations, manipulating and sorting information, performing rote tasks, and combining these tasks (often in the form of apps or programs). A computer may be set up to perform any of these functions in a general way, and it’s impossible to define everything a computer can possibly do. In general, computers can be treated as tools that streamline tasks that would otherwise demand significant bookkeeping, computation, sorting, tracking, or viewing, as long as the needed data can be input. Such tasks are normally part of a computer’s basic functions (though the data they need might well be kept behind a firewall, in a secure data module, or both), and ultimately it is up to a GM to determine a computer’s total capacity for performing such basic functions.
A basic function can also control a simple device such as a fire-suppression system, remote door, or a video camera— anything with simple on and off functions. New basic functions of this type can be added with a successful DC 10 Computers check, though the GM has final say on what an appropriate basic function is for a computer. Anything more complex that would normally require a creature to operate must be controlled through a control module (see page 215).
Modules define what a computer is capable of doing beyond its basic functions. Computers can have any number of modules. These typically fall into one of four categories: control, secure data, spell chips, and upgrades. Control modules can operate a device or object that is in some way linked to the computer, such as a video camera or even a connected robot. A secure data module contains a vast amount of information, from technical blueprints to financial ledgers or perhaps personal correspondence. Spell chips are special magic items that allow a computer to generate spell effects. Finally, upgrades are simply improvements to the computer system that increase the difficulty of hacking the computer, expand its reach, or make it faster and easier to use. For more information about common computer modules, see Modules on page 215.
Countermeasures are specific actions that occur if someone tries to hack into a computer system. Some spring into action only if someone attempts and fails a Computers check to hack the system, while others activate whenever anyone tries to access the machine in any way. The most basic countermeasures simply remove access from a user or specific user interface, whereas more advanced countermeasures might alert robot sentries or even emit a lethal shock. A computer can have a maximum number of countermeasures equal to its tier. For more details about common computer countermeasures, see Countermeasures beginning on page 216.
|DC to Hack
Computers can have any number of modules installed. Modules can be partitioned off from other parts of a computer if placed behind firewall countermeasures, which increases their security. A computer can have multiple modules of the same type, but the bonuses they grant to a system generally do not stack with themselves. For example, a system could have three copies of the security I module (which each grant a +1 bonus to the DC), but they do not stack to increase the DC to break into the computer.
Note that modules are a combination of both hardware and software, and as such they typically cannot be physically removed without damaging the system or rendering it inoperable. With the right amount of skill and time, a module can be disabled or manipulated, but this typically cannot be done during combat. See the Computers skill on page 137 for more information.
Module pricing is provided on Table 7–23: Module, Upgrade, and Countermeasure Pricing.
Module, Upgrade, and Contermeasure Pricing
|10% of controlled device Secure data, average 10 credits
|Secure data, large
|Secure data, specific
|110% of component Spell gem
|10% of computer’s base price
|50% of computer’s base price
|10% of computer’s base price
|Range I (100 feet)
|Range II (1 mile)
|Range III (planetwide)
|10% of computer’s base price
|50% of computer’s base price + 10% of price of control and data modules
|20% of computer’s base price
[^1]: See Table 7–24: Security Modules for more details.
[^2]: See Table 7–25: Shock Grids for more details.
The control module allows the computer to operate a complex device, to which it must be in some way connected. (Simpler devices can be controlled as part of a computer’s basic functions.)Some countermeasures might make use of a computer’s control modules when activated. Gaining control of a computer allows the user to activate the devices in any way allowed by the control module. The price of a control module depends on the complexity of the object being controlled. The control module for a more complex device, such as a spy drone, starship, vehicle, or weapon turret, costs 10% of the device to be controlled.
When controlling a basic device that essentially has an on/off switch, the computer simply gains access to that switch and can activate or deactivate the connected device as instructed. When in charge of a device that can already operate autonomously (such as a robot or another computer), the controlling computer can give orders to that device. When operating a device that requires a skill check or attack roll (such as a computer hooked to a med-bed or weapon), the controlling computer can either allow a creature with authorized access to attempt a skill check or attack roll, or attempt the skill check or attack roll itself. When making its own check, the computer is assumed to have an attack bonus equal to its tier, proficiency with any weapon it controls, and a total skill bonus equal to 2-1/2 × its tier. Such controlled objects are normally mounted to a specific location (such as a controlled longarm placed in a turret with line of sight to the computer’s terminal), in which case the mount and related components are included in the control unit price.
A computer can also control another computer. In this case, hacking one computer allows you to attempt to hack any computer it controls, but this does not automatically give you access to those other computers. It’s common for a lower-tier computer to be set up to control a higher-tier computer, such as when a clerk’s desk computer is linked to a company mainframe. In these cases, the lower-tier computer can only send specific, authorized commands to the higher-tier computer, though it can still be used as an access point in an attempt to hack the higher-tier computer.
This module contains secured data relative to a specific topic, and is almost never available without root access or an action by someone with root access to grant another user the ability to access the secure data module. Since a secure data module serves to store information too important or sensitive to let fall into the hands of your average hacker, it is frequently also kept behind a firewall.
Secure data might consist of a few simple documents or a vast library of technical specifications. The only requirement is that the data be limited to one general topic (such as a ship’s design, correspondence among members of a group, local maps and charts, etc.); additional topics require additional data modules. The price of the module depends on the topic’s size. A data module suitable for a specific small topic (such as a video log, a financial ledger, or a building schematic) costs 1 credit. A data module for an average topic (such as engineering specifications for a gun, a company’s employee database, or a large array of maps) costs 10 credits. Modules for large topics (such as the plans for a starship, a space station’s operations log, or a company’s master records) cost at least 100 credits and might cost as much as 1,000 credits. In addition to storing data that might be valuable on its own (such as plans for a military invasion), a data module allows a character with access to it to take 20 when attempting a skill check to recall knowledge on a topic related to the data module’s contents.
It is possible to create spell gems (see page 224) in the form f chips that can be slotted into a computer system. A user capable of utilizing an equivalent spell gem with access to the computer in which such spell chips are installed can cast the related spells whenever controlling the computer and gains a +2 circumstance bonus to any skill check involving these spells. Spell chips cost 110% of a spell gem (page 224) with the same spells. When a spell is expended from a spell chip, the chip itself is not destroyed, and the spells can be reloaded into the spell chip for 90% of the normal price of a new spell chip.
These modules improve the overall effectiveness, security, and utility of a computer system. A computer system can have any number of these modules, but their effects generally do not stack. For a better effect, a more expensive module must be purchased and installed on the computer.
An artificial personality is a program designed to allow a computer to hold conversations in plain language with both users and creatures that lack access. Such computers are often given a name and are capable of parsing expressions, slang, social cues, tone of voice, and similar elements beyond a literal understanding of spoken or written words. They can respond appropriately through algorithms and lists of billions of known phrases and expressions, developed by programmers over centuries to allow for extremely natural- sounding conversations. Such computers can even display what appear to be emotions and insights. However, unlike androids, computers with artificial personalities have not attained true consciousness. The ability of an artificial personality to hold a conversation, learn names and habits, and even give advice is based purely on its complex code and extensive lexicons.
The primary advantage of an artificial personality is that an authorized user can operate the computer by giving simple spoken or typed commands in plain language and receive information from the computer the same way. On starships traveling far from civilized systems for months or years at a time, some owners also appreciate hearing a friendly voice and having someone to talk to, despite knowing that the “someone” isn’t an actual conscious being. Artificial personalities are sophisticated enough that the computer can attempt Bluff, Diplomacy, Intimidate, and Sense Motive checks with a total bonus equal to 2 × its tier. This upgrade costs 10% of the base price of the computer.
The computer and its systems are encased in armored and energy-resistant shells. The computer’s hardness increases by 10, and it gains a +8 bonus to saving throws against energy attacks and effects that specifically target computers or electronic systems. This upgrade costs 50% of the base price of the computer.
Treat your computer as 1 tier lower when calculating its bulk, to a minimum of tier –1. A tier-0 computer has light bulk, and a computer of tier –1 has negligible bulk. You can buy this upgrade multiple times. Each time it costs 10% of the base price of the computer.
While most computers have access to remote systems and local infospheres, this connection does not necessarily extend to other devices. A computer that controls a comm unit can use that comm unit to send and receive messages but cannot use it to control devices. The range upgrade provides a secure, remote connection to a device which allows it to be controlled from a distance. Without this upgrade, a computer must be physically connected to the devices it controls with its control modules. Range I allows the computer to control a device wirelessly within 100 feet, and costs 5 credits (this includes the adjustments to both the computer and the connected device). Extending this range to 1 mile (Range I) costs 50 credits, while increasing it to planetwide (Range III) costs 100 credits (requiring an infosphere connection for both the computer and device).
This bolsters the overall security of the computer, increasing the DC of the Computers check to hack the computer and gain access to its modules. This upgrade comes in multiple ranks, each stronger and more secure than the last. Refer to Table 7–24: Security Modules to determine the DC increase and the price (in percentage of the base price of the computer). A computer cannot benefit from more than one security upgrade.
|25% of computer’s base price
|50% of computer’s base price
|75% of computer’s base price
|100% of computer’s base price
While most computers can operate for up to 24 hours on internal batteries, this upgrade makes it so that the computer can function for up to 1 week on its internal power alone. Multiple purchases of this upgrade each extend the time by 1 additional week. This upgrade costs 10% of the base price of the computer.
Countermeasures form a computer system’s last defense against hackers trying to compromise it. Countermeasures are specifically designed to activate when an unauthorized user attempts unsuccessfully to access the system, usually by entering an incorrect password or by failing to bypass other security precautions. Some activate the moment a user tries to get into the system and deactivate only once the correct password has been entered. In either case, a computer can have a number of countermeasures equal to its tier.
Prices for countermeasures are listed on Table 7–23: Module, Upgrade, and Countermeasure Pricing.
One of simplest countermeasures, this program sends an alert to a specific individual or station if someone attempts to breach the system. If the computer has a control module connected to an actual alarm, this countermeasure can trigger that alarm. If the computer controls a robot, trap, or weapon, an alarm can also activate them. The alarm countermeasure costs 10 credits.
This particularly cunning countermeasure creates an entirely fake network and system directory for anyone accessing the system that fails to bypass this countermeasure. The phony network has cloned control modules and data modules to make it appear to be the actual system, but the control modules do not actually work and the data modules contain garbage files. A character can uncover this ruse with a successful Computers check with a DC equal to the system’s DC + 5. You automatically get a new check each minute with a cumulative +2 circumstance bonus until you discover the ruse. The fake shell countermeasure costs 50% of the base price of the computer plus 10% of the price of its control and data modules.
This countermeasure unleashes insidious virus software into any system that tries to hack it, causing damage to that system and its programming. If you fail a check to hack the computer by 5 or more, any device used in the attempt to break into the system is infected and becomes unreliable, resulting in a –5 penalty to all skill checks involving the infected equipment. You can remove a virus from an infected system if you succeed at a Computers check with the same DC as hacking the computer that has the feedback countermeasure. At the GM’s discretion, feedback viruses can have other effects instead, such as granting a +5 circumstance bonus to anyone attempting to hack the infected system. A feedback countermeasure costs 500 credits.
This countermeasure does nothing to the intruder but instead partitions off modules behind an additional layer of security. Accessing the hidden modules requires another successful Computers check, usually with a DC equal to the original DC + 2. A computer can have multiple firewalls to block off multiple modules, but no one module can be protected by more than a single firewall. A firewall costs 20% of the base price of the computer.
A lockout countermeasure freezes a system if a user repeatedly fails attempts to access it, causing it to become entirely inaccessible. Generally, this does not mean that the system is powered down, and other modules and countermeasures can still take automated actions. Lockouts last a specified period of time, typically 10 minutes, 1 hour, or 1 day, but any time frame can be specified. A lockout cannot be disabled, even by a user with the correct passwords and credentials. It is possible to bypass a lockout by accessing physical components of the computer, requiring a successful Engineering check with the same DC as the check to hack the computer.
A standard lockout activates if there are three failed attempts to access or hack the computer within 24 hours and costs 100 credits. A lockout can be set to allow a different number of failed attempts before activating or to last a different amount of time. If the computer has an alarm, it can be set to inform a specific terminal or communication device when each failed attempt occurs and when the lockout is activated.
The computer and its surrounding environment are protected by a grid of conductive material that transmits a shock to anyone who fails to access the system. This has two settings: one meant to stun and one meant to kill. Normally, the stun setting happens first, with a warning about lethal force should the intruder make another attempt. The stun setting forces all creatures within 10 feet of the terminal to succeed at a Fortitude saving throw or be stunned for 1 round. The lethal setting affects nearby creatures like the stun setting but also deals electricity damage to all creatures within 10 feet of the computer, allowing a Reflex save for half damage. The save DC, damage dealt, and price all depend upon the rank of the shock grid, as indicated on Table 7–25: Shock Grids. Each rank added counts as one countermeasure when determining the total number of countermeasures a system can have. Only computers fixed permanently to a floor or similar surface can have shock grids.
The system deletes specified data when an unauthorized breach is detected. This usually causes a number of data modules to be deleted from the system. Unless the owner is incredibly paranoid, this countermeasure is usually set to trigger only after two or more failed attempts to enter the system (so as to prevent accidental deletion due to a failed password attempt). Wipes don’t definitively remove data, however, unless the physical module containing the data is destroyed. Information deleted through a wipe can be recovered with 8 hours of work and a successful Computers check (DC = 10 + the DC to hack the computer). A wipe countermeasure costs 10 credits.